Data protection

We attach great importance to the protection of your personal data when you visit our website. In principle, we collect as little personal data as absolutely necessary. In doing so, your data is protected in compliance with the relevant legislation.

The Federal Centre for Health Education has implemented technical and organisational measures to guarantee that data protection regulations are complied with.

The use of contact information published on our website by third parties to send unsolicited advertising or information material is expressly forbidden. We expressly reserve the right to take legal steps in the event of unsolicited advertising being sent to us.

I. Name and address of controller

The controller within the meaning of the General Data Protection Regulation, the data protection laws of other EU member states, and other data protection legislation is:
Federal Centre for Health Education (BZgA)
Maarweg 149 – 161
50825 Cologne
Germany

Tel. +49 (0) 221-8992-0
E-mail: poststelle@bzga.de
Website: www.bzga.de

II. Contact data of data protection officer

The BZgA’s data protection officer can be contacted at:
Federal Centre for Health Education
- Data Protection Officer
Maarweg 149 – 161
50825 Cologne
Germany

Tel. +49 (0) 221-8992-0
E-mail: datenschutzbeauftragter@bzga.de

III. General information on data processing

1. Scope of personal data processing

In principle, we only collect and utilise personal data from our users insofar is as this necessary for the provision of a functional website along with our content and services. As a rule, we only collect and utilise personal data from our users with their consent. An exception applies in those cases where prior consent cannot be obtained for legitimate reasons and the processing of the data is permitted by law.

2. Legal basis for the processing of personal data

Art. 6 no. 1 lit. a EU General Data Protection ACT (GDPR) serves as the legal basis for the processing of personal data in cases where we obtain the consent of the data subject concerned.

Art. 6 no. 1 lit. b GDPR serves as the legal basis for the processing of personal data necessary for the performance of a contract to which the data subject is a party. The same applies to data processing necessary for the implementation of any measures required before concluding a contract.

Art. 6 no. 1 lit. c GDPR serves as the legal basis for the processing of personal data necessary for compliance with a legal obligation to which our authority is subject.

Art. 6 no. 1 lit. d GDPR serves as the legal basis for the processing of personal data necessary to protect the vital interests of the data subject or another natural person.

Art. 6 no. 1 lit. e GDPR serves as the legal basis for the processing of personal data for the performance of a task in the public interest or in the exercise of official authority vested in the controller.

3. Data erasure and storage period

The data subject's personal data will be erased or blocked as soon as the purpose for which it was stored ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject. The data will also be blocked or erased when a storage period prescribed in the aforementioned legislation expires, unless the data has to be stored for a longer period in order to conclude or execute a contract.

IV. Provision of website and generation of log files

1. Description and scope of data processing

Whenever our website is accessed, our system automatically collects data and information from the accessing computer system.

The data collected constitutes the following:

  1. Browser type and version
  2. Operating system used
  3. Website from which you are visiting our website (referrer URL)
  4. Pages and files you access on our website
  5. If applicable, the website you visit after ours (by clicking an external link on our website)
  6. Date and time at which you accessed our website
  7. Your internet protocol (IP) address, anonymised and truncated

This data is stored in our system's log files. It is not stored together with any of the user's personal data.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6 no. 1 lit. e GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to facilitate the delivery of the website to the user's computer. In this situation, the user’s IP address must be stored for the duration of the session.

4. Storage period

Your data is erased as soon as it is no longer required for the purpose for which it was collected. With regard to data collected for the purpose of displaying this website, this is the case when the respective session ends.

With regard to data stored in log files, this is the case after no more than fourteen days. Data may also be stored for longer periods. The user's IP address is stored while the log files are being generated so that it can no longer be assigned to the accessing client.

5. Right to object and right to erasure

The collection of data for the provision of the website and the storage of data in log files are absolutely essential for the operation of the website.

V. Use of cookies

1. Description and scope of data processing

We use cookies to make our website more user-friendly. For certain elements on our website, it must be possible to identify the accessing browser after the user had switched to another page.

Cookies are text files stored in the web browser or by the web browser on the user’s computer system. If the user accesses a website, a cookie can be stored in the user's operating system. This cookie contains a distinguishing string of characters that make it possible to identify the browser when the user revisits the website.

If your browser (e.g. Internet Explorer, Mozilla, Opera) is configured to accept cookies, our website will store up to 4 cookies on your computer.  1 cookie is for the utilisation of service functions.

Up to 3 additional cookies are stored by our web analysis tool “Matomo”.

2. Legal basis for data processing

The legal basis for the processing of personal data using cookies is Art. 6 no. 1 lit. e GDPR.

3. Purpose of data processing

Technically essential cookies are utilised to make the use of our website easier. Some of the functions on our website cannot be provided without the use of cookies. In these cases, it is essential that the browser is recognised when the user accesses another page.

Analysis cookies are used to improve the quality of our website and its content. Analysis cookies enable us to find out how the website is used, as a result of which we can continually optimise our services.

The BZgA uses the web analysis tool “Matomo” for optimisation purposes; this tool is operated on our own servers. “Matomo” is used in compliance with data protection provisions as per the recommendations made by the Independent Centre for Privacy Protection Schleswig-Holstein (Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein – ULD). Matomo immediately anonymises IP address, which means that visitors cannot be identified. The anonymous statistical data is stored separately from any personal data you may have provided and does not allow any conclusions to be drawn about the identity of a particular person.